CloakMyFox Defensive Tooling

CloakMyFox

CloakMyFox brings fingerprinting resistance to MetaMask. A fingerprint is essentially a list of characteristics that are unique to a single user, their browser, and their particular hardware setup. This project aims to enhance privacy and security for MetaMask users by mitigating the risks associated with browser fingerprinting.

For my PoC, I forked MetaMask and added the following fingerprinting resistance features.

Features

  • Inject Ethereum Provider object only for whitelisted domains
  • Avoid provider announcement for web2 websites
  • Detection of wallet address leaks through cookies
  • Site-specific randomised addresses (WIP)
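
One way the allowlist gate and the cookie leak check from the list above could be implemented, as an added example rather than code from the CloakMyFox fork. The function names, the allowlist entries, the sample address and the sample cookie string are all assumptions constructed for illustration.

```javascript
// Added example: hypothetical helpers, not code from the CloakMyFox fork.
// Constructed allowlist of dapp hosts that may receive the provider object.
const ALLOWED_HOSTS = ['app.example-dex.test', 'example-nft.test'];
// Constructed sample address and cookie string (URL-encoded JSON in "session").
const SAMPLE_ADDRESS = '0x' + 'a1'.repeat(20);
const SAMPLE_COOKIES = 'theme=dark; session=' +
  encodeURIComponent(JSON.stringify({ wallet: SAMPLE_ADDRESS })) + '; lang=en';

// True only for https pages whose host is allowlisted or a subdomain of an entry.
function shouldInjectProvider(pageUrl, allowedHosts = ALLOWED_HOSTS) {
  let url;
  try {
    url = new URL(pageUrl);
  } catch {
    return false; // unparsable URL: fail closed, no provider
  }
  if (url.protocol !== 'https:') return false;
  const host = url.hostname.toLowerCase();
  // Match on a label boundary so "evil-example-nft.test" does not pass.
  return allowedHosts.some((h) => host === h || host.endsWith('.' + h));
}

// Names of cookies whose value contains one of the user's own addresses.
function findAddressLeaks(cookieString, ownAddresses) {
  const own = new Set(ownAddresses.map((a) => a.toLowerCase()));
  const leaks = [];
  for (const pair of cookieString.split(';')) {
    const eq = pair.indexOf('=');
    if (eq === -1) continue;
    const name = pair.slice(0, eq).trim();
    let value = pair.slice(eq + 1).trim();
    try {
      value = decodeURIComponent(value); // address may sit inside encoded JSON
    } catch {
      // malformed percent-encoding: scan the raw value instead
    }
    // 0x + exactly 40 hex digits; the lookahead skips longer hex such as tx hashes.
    const found = value.match(/0x[0-9a-fA-F]{40}(?![0-9a-fA-F])/g) || [];
    // Compare case-insensitively: checksummed and lowercase forms are the same address.
    if (found.some((c) => own.has(c.toLowerCase()))) leaks.push(name);
  }
  return leaks;
}
```

In an extension, a content script could call `shouldInjectProvider(location.href)` before injecting anything, and run `findAddressLeaks(document.cookie, accounts)` on pages where the wallet is connected.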

Challenges you ran into

I found debugging the Chrome Extension API code quite challenging. Some of the fingerprinting resistance techniques I wanted to implement were not possible with the existing APIs exposed by Chrome. I did not have access to Manifest V3 methods, which made me lose some time.

Technology used

JavaScript, Chrome Extension API